IsItPatched — ColdFusion security feed

IsItPatched — ColdFusion security feed https://isitpatched.com/coldfusion Security alerts for ColdFusion: newly-exploited CVEs and end-of-life events from IsItPatched. en Compiled by IsItPatched (isitpatched.com) from NVD, CISA KEV, EPSS and endoflife.date. IsItPatched (https://isitpatched.com) https://www.rssboard.org/rss-specification 15 https://isitpatched.com/icon-192.png IsItPatched — ColdFusion security feed https://isitpatched.com/coldfusion Tue, 16 Jun 2026 22:43:51 GMT ColdFusion: CVE-2024-20767 (High, exploited) https://isitpatched.com/cve/CVE-2024-20767 coldfusion|CVE-2024-20767 Severity: High (CVSS 7.4) · Improper access control · Actively exploited (CISA KEV) · EPSS 99% Exploited IsItPatched Mon, 18 Mar 2024 12:15:06 GMT ColdFusion: CVE-2023-44353 (Critical) https://isitpatched.com/cve/CVE-2023-44353 coldfusion|CVE-2023-44353 Severity: Critical (CVSS 9.8) · Insecure deserialization · EPSS 80% Critical IsItPatched Fri, 17 Nov 2023 14:15:21 GMT ColdFusion: CVE-2023-44352 (Medium) https://isitpatched.com/cve/CVE-2023-44352 coldfusion|CVE-2023-44352 Severity: Medium (CVSS 6.1) · Cross-site scripting (XSS) · EPSS 85% Medium IsItPatched Fri, 17 Nov 2023 14:15:21 GMT ColdFusion: CVE-2023-38205 (High, exploited) https://isitpatched.com/cve/CVE-2023-38205 coldfusion|CVE-2023-38205 Severity: High (CVSS 7.5) · Improper access control · Actively exploited (CISA KEV) · EPSS 100% Exploited IsItPatched Thu, 14 Sep 2023 08:15:07 GMT ColdFusion: CVE-2023-38203 (Critical, exploited) https://isitpatched.com/cve/CVE-2023-38203 coldfusion|CVE-2023-38203 Severity: Critical (CVSS 9.8) · Insecure deserialization · Actively exploited (CISA KEV) · Ransomware-linked · EPSS 97% Exploited IsItPatched Thu, 20 Jul 2023 16:15:12 GMT ColdFusion: CVE-2023-29300 (Critical, exploited) https://isitpatched.com/cve/CVE-2023-29300 coldfusion|CVE-2023-29300 Severity: Critical (CVSS 9.8) · Insecure deserialization · Actively exploited (CISA KEV) · Ransomware-linked · EPSS 100% Exploited IsItPatched Wed, 12 Jul 2023 16:15:11 GMT ColdFusion: CVE-2023-29298 (High, exploited) https://isitpatched.com/cve/CVE-2023-29298 coldfusion|CVE-2023-29298 Severity: High (CVSS 7.5) · Improper access control · Actively exploited (CISA KEV) · EPSS 100% Exploited IsItPatched Wed, 12 Jul 2023 16:15:11 GMT ColdFusion: CVE-2023-26360 (High, exploited) https://isitpatched.com/cve/CVE-2023-26360 coldfusion|CVE-2023-26360 Severity: High (CVSS 8.6) · Improper access control · Actively exploited (CISA KEV) · EPSS 97% Exploited IsItPatched Thu, 23 Mar 2023 20:15:15 GMT ColdFusion: CVE-2023-26359 (Critical, exploited) https://isitpatched.com/cve/CVE-2023-26359 coldfusion|CVE-2023-26359 Severity: Critical (CVSS 9.8) · Insecure deserialization · Actively exploited (CISA KEV) · EPSS 18% Exploited IsItPatched Thu, 23 Mar 2023 20:15:15 GMT ColdFusion: CVE-2022-38421 (High) https://isitpatched.com/cve/CVE-2022-38421 coldfusion|CVE-2022-38421 Severity: High (CVSS 7.2) · Path traversal · EPSS 79% High IsItPatched Fri, 14 Oct 2022 20:15:13 GMT ColdFusion: CVE-2022-38418 (Critical) https://isitpatched.com/cve/CVE-2022-38418 coldfusion|CVE-2022-38418 Severity: Critical (CVSS 9.8) · Path traversal · EPSS 80% Critical IsItPatched Fri, 14 Oct 2022 20:15:12 GMT ColdFusion: CVE-2018-15961 (Critical, exploited) https://isitpatched.com/cve/CVE-2018-15961 coldfusion|CVE-2018-15961 Severity: Critical (CVSS 9.8) · Unrestricted file upload · Actively exploited (CISA KEV) · EPSS 100% Exploited IsItPatched Tue, 25 Sep 2018 13:29:01 GMT ColdFusion: CVE-2018-4939 (Critical, exploited) https://isitpatched.com/cve/CVE-2018-4939 coldfusion|CVE-2018-4939 Severity: Critical (CVSS 9.8) · Insecure deserialization · Actively exploited (CISA KEV) · EPSS 63% Exploited IsItPatched Sat, 19 May 2018 17:29:01 GMT ColdFusion: CVE-2017-3066 (Critical, exploited) https://isitpatched.com/cve/CVE-2017-3066 coldfusion|CVE-2017-3066 Severity: Critical (CVSS 9.8) · Insecure deserialization · Actively exploited (CISA KEV) · EPSS 91% Exploited IsItPatched Thu, 27 Apr 2017 14:59:00 GMT ColdFusion: CVE-2013-0632 (Critical, exploited) https://isitpatched.com/cve/CVE-2013-0632 coldfusion|CVE-2013-0632 Severity: Critical (CVSS 9.8) · CWE-276 · Actively exploited (CISA KEV) · EPSS 94% Exploited IsItPatched Thu, 17 Jan 2013 00:55:01 GMT ColdFusion: CVE-2013-0631 (High, exploited) https://isitpatched.com/cve/CVE-2013-0631 coldfusion|CVE-2013-0631 Severity: High (CVSS 7.5) · Actively exploited (CISA KEV) · EPSS 66% Exploited IsItPatched Wed, 09 Jan 2013 01:55:03 GMT ColdFusion: CVE-2013-0629 (High, exploited) https://isitpatched.com/cve/CVE-2013-0629 coldfusion|CVE-2013-0629 Severity: High (CVSS 7.5) · Actively exploited (CISA KEV) · EPSS 66% Exploited IsItPatched Wed, 09 Jan 2013 01:55:03 GMT ColdFusion: CVE-2013-0625 (Critical, exploited) https://isitpatched.com/cve/CVE-2013-0625 coldfusion|CVE-2013-0625 Severity: Critical (CVSS 9.8) · Improper authentication · Actively exploited (CISA KEV) · EPSS 94% Exploited IsItPatched Wed, 09 Jan 2013 01:55:00 GMT ColdFusion: CVE-2010-2861 (Critical, exploited) https://isitpatched.com/cve/CVE-2010-2861 coldfusion|CVE-2010-2861 Severity: Critical (CVSS 9.8) · Path traversal · Actively exploited (CISA KEV) · Ransomware-linked · EPSS 100% Exploited IsItPatched Wed, 11 Aug 2010 18:47:51 GMT ColdFusion: CVE-2009-3960 (Medium, exploited) https://isitpatched.com/cve/CVE-2009-3960 coldfusion|CVE-2009-3960 Severity: Medium (CVSS 6.5) · Actively exploited (CISA KEV) · Ransomware-linked · EPSS 90% Exploited IsItPatched Mon, 15 Feb 2010 18:30:00 GMT